The iPhone, Exchange, ActiveSync, security, and some serious annoyances

If you want ActiveSync and a secure OWA implementation, you'll be putting up another Exchange front-end server just for that, or living with the fact that you can't require SSL connections or use forms-based auth with OWA, opening up some holes you'd rather not have open.

Email a friend

To

Use commas to separate multiple email addresses

From

Thank you

Sorry

Please forgive the rushed nature of this post, but after an hour of beating up the various moving parts associated with providing ActiveSync to an iPhone (and other ActiveSync devices), I had to put this out there, hopefully to prevent anyone else from this particular pain.

If you use forms-based authentication on your OWA server, you can't use ActiveSync -- they're apparently mutually exclusive. Also, you cannot require SSL connections to the /exchange virtual directory if you want to use ActiveSync. Large installations already separate these tasks to separate servers for load reasons, and don't run into this, but if you have a single Exchange server (as was the case here) you're SOL.

Of course, this means that FireFox clients never actually log off from the OWA server, since they're not using forms-based auth.

So, to wrap it up: If you want ActiveSync and a secure OWA implementation, you'll be putting up another Exchange front-end server just for that, or living with the fact that you can't require SSL connections or use forms-based auth with OWA, opening up some holes you'd rather not have open.